secureserver.pl is now the test harness script used for SSL/TLS.

# start the https server (or rather, tunnel)

#

sub runhttpsserver {

    my ($verbose, $ipv6, $parm) = @_;

    my $STATUS;

    my $RUNNING;

    my $ip = $HOSTIP;

    my $pidfile = $HTTPSPIDFILE;

    my ($verbose, $ipv6, $certfile) = @_;

    my $proto = 'https';

    my $ipvnum = 4;

    my $ip = ($ipv6 && ($ipv6 =~ /6$/)) ? "$HOST6IP" : "$HOSTIP";

    my $ipvnum = ($ipv6 && ($ipv6 =~ /6$/)) ? 6 : 4;

    my $idnum = 1;

    my $srvrname;

    my $pidfile;

    my $logfile;

    my $flags = "";

    if(!$stunnel) {

        return 0;

    }

    if($ipv6) {

        # not complete yet

        $ipvnum = 6;

        $ip = $HOST6IP;

    }

    $pidfile = server_pidfilename($proto, $ipvnum, $idnum);

    # don't retry if the server doesn't work

    if ($doesntrun{$pidfile}) {

        return (0,0);

    }

    $srvrname = servername_str($proto, $ipvnum, $idnum);

    my $pid = processexists($pidfile);

    if($pid > 0) {

        # kill previous stunnel!

    }

    unlink($pidfile);

    my $flag=$debugprotocol?"-v ":"";

    $flag .= " -c $parm" if ($parm);

    my $cmd="$perl $srcdir/httpsserver.pl $flag -p https -s \"$stunnel\" -d $srcdir -r $HTTPPORT $HTTPSPORT";

    $srvrname = servername_str($proto, $ipvnum, $idnum);

    $logfile = server_logfilename($LOGDIR, $proto, $ipvnum, $idnum);

    $flags .= "--verbose " if($debugprotocol);

    $flags .= "--pidfile \"$pidfile\" --logfile \"$logfile\" ";

    $flags .= "--id $idnum " if($idnum > 1);

    $flags .= "--ipv$ipvnum --proto $proto ";

    $flags .= "--certfile \"$certfile\" " if($certfile);

    $flags .= "--stunnel \"$stunnel\" --srcdir \"$srcdir\" ";

    $flags .= "--connect $HTTPPORT --accept $HTTPSPORT";

    my $cmd = "$perl $srcdir/secureserver.pl $flags";

    my ($httpspid, $pid2) = startnew($cmd, $pidfile, 15, 0);

    if($httpspid <= 0 || !kill(0, $httpspid)) {

# start the ftps server (or rather, tunnel)

#

sub runftpsserver {

    my ($verbose, $ipv6) = @_;

    my $STATUS;

    my $RUNNING;

    my $ip = $HOSTIP;

    my $pidfile = $FTPSPIDFILE;

    my ($verbose, $ipv6, $certfile) = @_;

    my $proto = 'ftps';

    my $ipvnum = 4;

    my $ip = ($ipv6 && ($ipv6 =~ /6$/)) ? "$HOST6IP" : "$HOSTIP";

    my $ipvnum = ($ipv6 && ($ipv6 =~ /6$/)) ? 6 : 4;

    my $idnum = 1;

    my $srvrname;

    my $pidfile;

    my $logfile;

    my $flags = "";

    if(!$stunnel) {

        return 0;

    }

    if($ipv6) {

        # not complete yet

        $ipvnum = 6;

        $ip = $HOST6IP;

    }

    $pidfile = server_pidfilename($proto, $ipvnum, $idnum);

    # don't retry if the server doesn't work

    if ($doesntrun{$pidfile}) {

        return (0,0);

    }

    $srvrname = servername_str($proto, $ipvnum, $idnum);

    my $pid = processexists($pidfile);

    if($pid > 0) {

        # kill previous stunnel!

    }

    unlink($pidfile);

    my $flag=$debugprotocol?"-v ":"";

    my $cmd="$perl $srcdir/httpsserver.pl $flag -p ftps -s \"$stunnel\" -d $srcdir -r $FTPPORT $FTPSPORT";

    $srvrname = servername_str($proto, $ipvnum, $idnum);

    $logfile = server_logfilename($LOGDIR, $proto, $ipvnum, $idnum);

    $flags .= "--verbose " if($debugprotocol);

    $flags .= "--pidfile \"$pidfile\" --logfile \"$logfile\" ";

    $flags .= "--id $idnum " if($idnum > 1);

    $flags .= "--ipv$ipvnum --proto $proto ";

    $flags .= "--certfile \"$certfile\" " if($certfile);

    $flags .= "--stunnel \"$stunnel\" --srcdir \"$srcdir\" ";

    $flags .= "--connect $FTPPORT --accept $FTPSPORT";

    my $cmd = "$perl $srcdir/secureserver.pl $flags";

    my ($ftpspid, $pid2) = startnew($cmd, $pidfile, 15, 0);

    if($ftpspid <= 0 || !kill(0, $ftpspid)) {

#!/usr/bin/env perl

#***************************************************************************

#                                  _   _ ____  _

#  Project                     ___| | | |  _ \| |

#                             / __| | | | |_) | |

#                            | (__| |_| |  _ <| |___

#                             \___|\___/|_| \_\_____|

#

# $Id$

# This is the HTTPS and FTPS server designed for the curl test suite.

# Copyright (C) 1998 - 2010, Daniel Stenberg, <daniel@haxx.se>, et al.

#

# This software is licensed as described in the file COPYING, which

# you should have received as part of this distribution. The terms

# are also available at http://curl.haxx.se/docs/copyright.html.

#

# You may opt to use, copy, modify, merge, publish, distribute and/or sell

# copies of the Software, and permit persons to whom the Software is

# furnished to do so, under the terms of the COPYING file.

#

# It is actually just a layer that runs stunnel properly.

# This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY

# KIND, either express or implied.

#

# $Id$

#***************************************************************************

# This is the HTTPS, FTPS, POP3S, IMAPS, SMTPS, server used for curl test

# harness. Actually just a layer that runs stunnel properly using the

# non-secure test harness servers.

BEGIN {

    @INC=(@INC, $ENV{'srcdir'}, '.');

}

use strict;

use warnings;

use Cwd;

use serverhelp qw(

    server_pidfilename

    server_logfilename

    );

my $stunnel = "stunnel";

my $verbose=0; # set to 1 for debugging

my $port = 8991;        # just our default, weird enough

my $accept_port = 8991; # just our default, weird enough

my $target_port = 8999; # default test http-server port

my $path = getcwd();

my $srcdir=$path;

my $proto='https';

my $stuncert;

my $ver_major;

my $socketopt;

my $cmd;

my $pidfile;          # stunnel pid file

my $logfile;          # stunnel log file

my $loglevel = 5;     # stunnel log level

my $ipvnum = 4;       # default IP version of stunneled server

my $idnum = 1;        # dafault stunneled server instance number

my $proto = 'https';  # default secure server protocol

my $conffile;         # stunnel configuration file

my $certfile;         # certificate chain PEM file

#***************************************************************************

# stunnel requires full path specification for several files.

#

my $path   = getcwd();

my $srcdir = $path;

my $logdir = $path .'/log';

#***************************************************************************

# Signal handler to remove our stunnel 4.00 and newer configuration file.

#

sub exit_signal_handler {

    my $signame = shift;

    local $!; # preserve errno

    local $?; # preserve exit status

    unlink($conffile) if($conffile && (-f $conffile));

    exit;

}

#***************************************************************************

# Process command line options

#

while(@ARGV) {

    if($ARGV[0] eq "-v") {

    if($ARGV[0] eq '--verbose') {

        $verbose = 1;

    }

    if($ARGV[0] eq "-w") {

        return 0; # return success, means we have stunnel working!

    }

    elsif($ARGV[0] eq "-p") {

    elsif($ARGV[0] eq '--proto') {

        if($ARGV[1]) {

            $proto = $ARGV[1];

            shift @ARGV;

        }

    elsif($ARGV[0] eq "-r") {

        $target_port=$ARGV[1];

    }

    elsif($ARGV[0] eq '--accept') {

        if($ARGV[1]) {

            if($ARGV[1] =~ /^(\d+)$/) {

                $accept_port = $1;

                shift @ARGV;

            }

    elsif($ARGV[0] eq "-s") {

        }

    }

    elsif($ARGV[0] eq '--connect') {

        if($ARGV[1]) {

            if($ARGV[1] =~ /^(\d+)$/) {

                $target_port = $1;

                shift @ARGV;

            }

        }

    }

    elsif($ARGV[0] eq '--stunnel') {

        if($ARGV[1]) {

            $stunnel = $ARGV[1];

            shift @ARGV;

        }

    elsif($ARGV[0] eq "-d") {

    }

    elsif($ARGV[0] eq '--srcdir') {

        if($ARGV[1]) {

            $srcdir = $ARGV[1];

            shift @ARGV;

        }

    elsif($ARGV[0] eq "-c") {

    }

    elsif($ARGV[0] eq '--certfile') {

        if($ARGV[1]) {

            $stuncert = $ARGV[1];

            shift @ARGV;

        }

    elsif($ARGV[0] =~ /^(\d+)$/) {

        $port = $1;

    }

    elsif($ARGV[0] eq '--id') {

        if($ARGV[1]) {

            if($ARGV[1] =~ /^(\d+)$/) {

                $idnum = $1 if($1 > 0);

                shift @ARGV;

            }

        }

    }

    elsif($ARGV[0] eq '--ipv4') {

        $ipvnum = 4;

    }

    elsif($ARGV[0] eq '--ipv6') {

        $ipvnum = 6;

    }

    elsif($ARGV[0] eq '--pidfile') {

        if($ARGV[1]) {

            $pidfile = "$path/". $ARGV[1];

            shift @ARGV;

        }

    }

    elsif($ARGV[0] eq '--logfile') {

        if($ARGV[1]) {

            $logfile = "$path/". $ARGV[1];

            shift @ARGV;

        }

    }

    else {

        print STDERR "\nWarning: secureserver.pl unknown parameter: $ARGV[0]\n";

    }

    shift @ARGV;

};

}

my $conffile="$path/stunnel.conf";	# stunnel configuration data

my $certfile="$srcdir/" 

            . ($stuncert?"certs/$stuncert":"stunnel.pem");	# stunnel server certificate

#***************************************************************************

# Initialize command line option dependant variables

#

if(!$pidfile) {

    $pidfile = "$path/". server_pidfilename($proto, $ipvnum, $idnum);

}

if(!$logfile) {

    $logfile = server_logfilename($logdir, $proto, $ipvnum, $idnum);

}

$conffile = "$path/stunnel.conf";

my $pidfile="$path/.$proto.pid";	# stunnel process pid file

my $logfile="$path/log/${proto}_stunnel.log";    # stunnel log file

my $loglevel=5;

$certfile = "$srcdir/". ($stuncert?"certs/$stuncert":"stunnel.pem");

my $ssltext = uc($proto) ." SSL/TLS:";

#

if($stunnel_version < 310) {

    print "$ssltext Unsupported stunnel version $ver_major.$ver_minor\n";

    exit 1;

}

#***************************************************************************

        $socketopt = "-O a:SO_REUSEADDR=1";

    }

    $cmd  = "$stunnel -p $certfile -P $pidfile ";

    $cmd .= "-d $port -r $target_port -f -D $loglevel ";

    $cmd .= "-d $accept_port -r $target_port -f -D $loglevel ";

    $cmd .= ($socketopt) ? "$socketopt " : "";

    $cmd .= ">$logfile 2>&1";

    if($verbose) {

        print "pid file: $pidfile\n";

        print "log file: $logfile\n";

        print "log level: $loglevel\n";

        print "listen on port: $port\n";

        print "listen on port: $accept_port\n";

        print "connect to port: $target_port\n";

    }

}

    $socketopt = "a:SO_REUSEADDR=1";

    $cmd  = "$stunnel $conffile ";

    $cmd .= ">$logfile 2>&1";

    # setup signal handler

    $SIG{INT} = \&exit_signal_handler;

    $SIG{TERM} = \&exit_signal_handler;

    # stunnel configuration file

    if(open(STUNCONF, ">$conffile")) {

	print STUNCONF "

	foreground = yes

	[curltest]

	accept = $port

	accept = $accept_port

	connect = $target_port

	";

        if(!close(STUNCONF)) {

        print "foreground = yes\n";

        print "\n";

        print "[curltest]\n";

        print "accept = $port\n";

        print "accept = $accept_port\n";

        print "connect = $target_port\n";

    }

}

my $rc = system($cmd);

$rc >>= 8;

#if($rc) {

#    print "stunnel exited with $rc!\n";

#}

unlink $conffile;

unlink($conffile) if($conffile && -f $conffile);

exit $rc;